At the 2016 ICS Cyber Security Conference we will be providing a demonstration and will take the SEL-751A used in a traditional motor control setting and compromise not only the SEL751A, but then take control of the motor.

This April Fool’s Day, let’s acknowledge that a security strategy focused exclusively on patching and prevention is a fool’s errand and let’s move towards an adaptive approach that includes prevention, detection, continuous visibility and response.

Adobe’s Flash Player in 2015 was the dominant application in terms of vulnerabilities targeted by exploit kits (EKs), with 13 of the 17 new flaws added to these malicious programs pertaining to the web plugin.

Eliminating defacement attacks on a WordPress site is extremely difficult because of the vulnerable nature of the platform. Administrators should continuously check for the appearance of unknown files and directories and monitor them for changes.

Exploiting the Pass-the-Hash vulnerability is the weapon of choice for most APT attackers. Therefore when Microsoft released a Windows’ update on May 13th titled: “Update to fix the Pass-The-Hash Vulnerability”, it was warmly accepted by IT teams. However, this update was received by the security community with a raised eyebrow, especially due to the fact that just two months before the upd...

Microsoft officially ends support on Tuesday, April 8 by releasing the last security updates for Windows XP and Office 2003 as part of the April Patch Tuesday release. Security experts believe criminals are hoarding XP vulnerabilities with plans to launch campaigns exploiting them at a later date, since those zero days will become "forever days."

One of the new security features in the latest Windows release (Windows 8.1) is the “Restricted Admin mode for Remote Desktop Connection”. This measure is meant to enhance Windows credential protection against attacks such as Pass-the-Hash and Pass-the-Ticket. However, it appears that cure might be worse than the disease as the new “Restricted Admin mode” opens a new attack surface for the...

The recent revelation from Ben Gurion University of malicious apps that can be used to bypass VPN configurations and push communications to a different network address changes the conversation entirely.

If you have been following SCADA news in the last month, you might have noticed an avalanche of reports and blogs on new security vulnerabilities in power industry equipment. So far, vulnerability disclosures for 9 products using the DNP3 protocol have been released by the ICS-CERT, with another 21 SCADA product disclosures on their way.

Eliminating the risk of SQL injection is made complicated by a host of factors -- many of which are out of the developer and security teams’ control. If not addressed completely, web applications are still vulnerable. Let’s look at the problem from each team’s point of view.